qcacld-3.0: Fix for crash caused by buffer overflow

qcacld-2.0 to qcacld-3.0 propagation

In the sme_update_dsc_pto_up_mapping() function, we try to write into
the array dscpmapping at the 255th location if the location index
happens to be 255. But the size of the dscpmapping array is only 64,
which causes an out-of-bounds access resulting in a crash.

To address this, avoid writing out of bounds. If the DSCP
range is 255, there is no mapping for such priority, so there is
no need to assign anything for dscpmapping.

CRs-Fixed: 1027457
Change-Id: Ic4299122b10a990d17816f864ef8415c1b75b230
Deepthi Gowri
2016-10-12 15:44:54 +05:30
committed by qcabuildsw
commit 973890eeb9


@@ -13236,7 +13236,6 @@ QDF_STATUS sme_update_dsc_pto_up_mapping(tHalHandle hHal,
if ((pSession->QosMapSet.dscp_range[i][0] == 255)
&& (pSession->QosMapSet.dscp_range[i][1] ==
255)) {
dscpmapping[j] = 0;
QDF_TRACE(QDF_MODULE_ID_SME,
QDF_TRACE_LEVEL_ERROR,
FL("User Priority %d isn't used"), i);
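
Review bot: special-casing only the 255/255 sentinel in the branch on dscp_range[i][0] and dscp_range[i][1] leaves every other out-of-range index unguarded as far as this hunk shows. The commit message gives the dscpmapping size as 64, so an index anywhere from 64 to 254 would overrun the array in the same way as 255 did. Dropping the `dscpmapping[j] = 0;` store (the hunk header goes from 7 lines to 6) handles the reported crash, but please either confirm that the code outside this hunk rejects dscp_range values above 63 before they are used as an index, or add an explicit comparison of j against the array size ahead of each dscpmapping[j] write. A smaller point: the remaining QDF_TRACE in this branch logs at QDF_TRACE_LEVEL_ERROR although the commit message describes an unused user priority as a normal case with nothing to map, so a lower trace level would keep the error log meaningful.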